Hi,
After the handle sioctl_hdl `hdl' is opened (which in itself requires rw fs
access and opening an unix socket) then all operations happen over that handle
so the program may be restricted to only "stdio".
All options were tested successfully, including the examples from the manpage
plus tweaking the audio from an app ($MYBROWSER).
Comments? OK?
Index: sndioctl.c
===================================================================
RCS file: /cvs/src/usr.bin/sndioctl/sndioctl.c,v
retrieving revision 1.10
diff -u -p -u -r1.10 sndioctl.c
--- sndioctl.c 17 May 2020 05:39:32 -0000 1.10
+++ sndioctl.c 21 May 2020 22:04:58 -0000
@@ -948,6 +948,13 @@ main(int argc, char **argv)
fprintf(stderr, "%s: can't open control device\n", devname);
exit(1);
}
+
+ if (pledge("stdio", NULL) == -1) {
+ fprintf(stderr, "%s: pledge: %s\n", getprogname(),
+ strerror(errno));
+ exit(1);
+ }
+
if (!sioctl_ondesc(hdl, ondesc, NULL)) {
fprintf(stderr, "%s: can't get device description\n", devname);
exit(1);
